:arrow: Anyone who installed a phpBB bulletin board before Sept. 10, 2003 may want to visit the phpBB website to get a patch. Here's a quote from the phpBB "Latest News" page:
BBCode vulnerability - Important by psoTFX
10 Sep 2003
A vulnerability exists in recent versions of phpBB allowing xss to be used in the bbcode tag.
Please see [url]http://www.phpbb.com/phpBB/viewtopic.php?t=135116 for further information. This is a serious matter and we urge all users to take appropriate action.
I think that the new downloads include this patch but I'm not 100% certain. I use IBP anyway. :wink:
It may be worth it for people who are using phpBB to go to http://www.phpbb.com/news.php and bookmark it to check every so often. I tried to see if they had an e-mail update list but could not find one.